Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B665C/4ED166A4AA2211ED833D5FE6F1222468/D6BCB23CAA2511ED900EFAEFF1222468.roa
File: D6BCB23CAA2511ED900EFAEFF1222468.roa (raw, json)
Hash identifier: OxJceCLxLN2HEtk5IYbEb+LCfIUbND+00xlfPzw4WkM=
Subject key identifier: 89:FE:45:AD:88:53:7D:1C:EE:BB:CA:C5:FC:7E:29:45:0B:DA:88:3C
Certificate issuer: /CN=F36B665CAF/serialNumber=2C6A09891C0FEC00E0A39FC77C322831A6EBF979
Certificate serial: 05
Authority key identifier: 2C:6A:09:89:1C:0F:EC:00:E0:A3:9F:C7:7C:32:28:31:A6:EB:F9:79
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/LGoJiRwP7ADgo5_HfDIoMabr-Xk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B665C/4ED166A4AA2211ED833D5FE6F1222468/D6BCB23CAA2511ED900EFAEFF1222468.roa
Signing time: Sat 11 Feb 2023 16:05:01 +0000
ROA not before: Sat 11 Feb 2023 16:04:57 +0000
ROA not after: Fri 11 Feb 2033 16:04:57 +0000
asID: 328734
IP address blocks: 102.222.144.0/22 maxlen: 24
2c0f:e9b0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B665C/4ED166A4AA2211ED833D5FE6F1222468/LGoJiRwP7ADgo5_HfDIoMabr-Xk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B665C/4ED166A4AA2211ED833D5FE6F1222468/LGoJiRwP7ADgo5_HfDIoMabr-Xk.mft
rsync://rpki.afrinic.net/repository/afrinic/LGoJiRwP7ADgo5_HfDIoMabr-Xk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B665CAF/serialNumber=2C6A09891C0FEC00E0A39FC77C322831A6EBF979
Validity
Not Before: Feb 11 16:04:57 2023 GMT
Not After : Feb 11 16:04:57 2033 GMT
Subject: CN=63e7bcad-5392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e0:f3:2f:4b:65:60:3a:2a:5c:cb:b6:8f:a8:
e4:d4:3c:4c:9b:b3:d5:4b:5a:c7:86:4b:2b:ff:2f:
ad:b8:ef:46:fb:38:c9:15:67:38:f9:fa:bf:65:0d:
4e:d0:50:81:6e:4e:d8:2a:c9:f0:a4:a7:51:24:f9:
d9:a6:14:8d:ba:0c:1e:b8:10:88:72:40:c9:ed:60:
3f:19:f6:7d:62:a8:6b:64:bb:08:05:72:af:7d:14:
a9:2a:94:db:24:20:ff:c4:15:42:4b:e4:83:28:04:
da:e7:62:9f:82:c0:e1:34:e3:5e:98:d8:03:3e:c9:
2f:37:a5:39:8c:49:a9:c3:f9:fe:06:8c:4b:e0:7b:
64:cd:37:20:f1:19:e5:39:98:48:82:1f:a6:7b:c5:
fd:45:1b:5b:de:55:95:2f:4c:23:d5:21:16:67:3f:
b6:de:aa:ed:e4:79:01:63:0c:04:0c:89:67:6b:43:
d0:d1:c8:db:05:25:b2:49:b1:14:86:9f:7b:0f:e0:
1a:dc:ca:7d:bc:f5:a6:06:c6:08:01:13:96:3e:fd:
3f:85:1a:2c:f6:f9:ad:3a:51:78:bf:37:32:dd:1b:
6c:2e:79:c6:e4:d6:4d:db:86:98:42:52:2f:e8:95:
23:c9:73:34:82:64:f8:6d:45:62:2f:c7:49:e3:d6:
7f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FE:45:AD:88:53:7D:1C:EE:BB:CA:C5:FC:7E:29:45:0B:DA:88:3C
X509v3 Authority Key Identifier:
keyid:2C:6A:09:89:1C:0F:EC:00:E0:A3:9F:C7:7C:32:28:31:A6:EB:F9:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B665C/4ED166A4AA2211ED833D5FE6F1222468/LGoJiRwP7ADgo5_HfDIoMabr-Xk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/LGoJiRwP7ADgo5_HfDIoMabr-Xk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B665C/4ED166A4AA2211ED833D5FE6F1222468/D6BCB23CAA2511ED900EFAEFF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.144.0/22
IPv6:
2c0f:e9b0::/32
Signature Algorithm: sha256WithRSAEncryption
22:27:c8:84:45:d4:31:a5:45:19:f0:0b:02:62:72:88:ed:d7:
03:81:3e:6a:52:22:04:e6:fe:f8:e9:00:e1:f2:e2:d1:0c:80:
a0:64:98:04:1a:fa:4b:dd:c0:19:47:17:f2:c9:10:ba:62:9f:
ba:25:9f:86:4f:a9:12:67:a2:c4:04:d2:9f:fd:49:73:ca:29:
f5:af:87:b9:24:be:ab:ca:52:85:a2:12:1d:da:9d:08:93:20:
4f:2d:3f:dc:55:5d:14:fb:e7:a0:b4:18:93:1b:8c:4c:d7:90:
f3:14:1b:8c:44:c7:14:32:7a:a4:06:43:70:67:4d:e3:ac:47:
e4:e9:de:f7:5a:77:cd:95:36:92:50:aa:2f:10:a4:44:0e:e9:
f3:35:2c:1c:9c:fa:90:44:04:ed:f4:f0:81:d4:af:93:3b:4d:
7b:45:03:3f:20:f9:59:f8:f3:92:72:c2:14:21:d3:e1:d9:40:
37:c6:73:a5:60:61:ad:c8:cd:ba:d1:7a:89:4b:99:ee:1b:a9:
52:5e:d2:32:86:f1:97:8f:6e:ca:02:b4:df:3e:76:de:1f:d6:
39:53:f9:9a:2a:65:27:ee:4c:1a:3b:7d:37:cb:69:ca:e1:55:
bb:6f:41:50:2b:25:4d:61:2c:28:2d:03:b4:37:e6:96:8f:fd:
67:1b:dd:49
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
NjY1Q0FGMTEwLwYDVQQFEygyQzZBMDk4OTFDMEZFQzAwRTBBMzlGQzc3QzMyMjgz
MUE2RUJGOTc5MB4XDTIzMDIxMTE2MDQ1N1oXDTMzMDIxMTE2MDQ1N1owGDEWMBQG
A1UEAwwNNjNlN2JjYWQtNTM5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvg8y9LZWA6KlzLto+o5NQ8TJuz1Utax4ZLK/8vrbjvRvs4yRVnOPn6v2UN
TtBQgW5O2CrJ8KSnUST52aYUjboMHrgQiHJAye1gPxn2fWKoa2S7CAVyr30UqSqU
2yQg/8QVQkvkgygE2udin4LA4TTjXpjYAz7JLzelOYxJqcP5/gaMS+B7ZM03IPEZ
5TmYSIIfpnvF/UUbW95VlS9MI9UhFmc/tt6q7eR5AWMMBAyJZ2tD0NHI2wUlskmx
FIafew/gGtzKfbz1pgbGCAETlj79P4UaLPb5rTpReL83Mt0bbC55xuTWTduGmEJS
L+iVI8lzNIJk+G1FYi/HSePWfx0CAwEAAaOCArQwggKwMB0GA1UdDgQWBBSJ/kWt
iFN9HO67ysX8filFC9qIPDAfBgNVHSMEGDAWgBQsagmJHA/sAOCjn8d8Migxpuv5
eTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjY2NUMvNEVEMTY2QTRBQTIyMTFFRDgzM0Q1RkU2RjEyMjI0NjgvTEdvSmlS
d1A3QURnbzVfSGZESW9NYWJyLVhrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTEdvSmlSd1A3QURnbzVfSGZESW9NYWJyLVhrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjY2NUMvNEVEMTY2QTRBQTIyMTFFRDgzM0Q1RkU2RjEy
MjI0NjgvRDZCQ0IyM0NBQTI1MTFFRDkwMEVGQUVGRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbekDANBAIAAjAHAwUALA/p
sDANBgkqhkiG9w0BAQsFAAOCAQEAIifIhEXUMaVFGfALAmJyiO3XA4E+alIiBOb+
+OkA4fLi0QyAoGSYBBr6S93AGUcX8skQumKfuiWfhk+pEmeixATSn/1Jc8op9a+H
uSS+q8pShaISHdqdCJMgTy0/3FVdFPvnoLQYkxuMTNeQ8xQbjETHFDJ6pAZDcGdN
46xH5One91p3zZU2klCqLxCkRA7p8zUsHJz6kEQE7fTwgdSvkztNe0UDPyD5Wfjz
knLCFCHT4dlAN8ZzpWBhrcjNutF6iUuZ7hupUl7SMobxl49uygK03z523h/WOVP5
miplJ+5MGjt9N8tpyuFVu29BUCslTWEsKC0DtDfmlo/9ZxvdSQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org